Re: simpler version, How to bypass the local routing table?

Linux Advanced Routing and Traffic Control


 




From your previous example my understanding of the hub, was that it was on a tapX interface in software on the same box, not another physical host on the ethernet segment.


I see, your immediate problem is the packets won't leave the host and don't appear on the wire, the only (proper) way around this is not to use the real IP of the other ethernet interface as the dest address during the ping. Instead create a fake IP to use.

Then perform address translation at the hub, which is neither of the 1.1 or 1.2 addresses itself, but say 1.3, that translates all packets going to the fake addresses in each direction, don't forget you have to translate both the src and dest addresses to each other's fake address, replace fake with real and real with fake. The fake addresses would also best be in another 2 subnets of their own, call them 192.168.3.1/24 and 192.168.4.2/24.

I'd also recommend you don't overlap the subnets of eth0 and eth1 on the same box, make eth1 192.168.2.2/24 or something.

Mangling the IP on OUTPUT won't work, AFAIK, since it never gets into that routing path out of the kernel as it's in the local table.

But your original request is improper from a network standpoint, each host has one IP stack, trying to split it in the middle is asking for trouble.


Antony Lesuisse wrote:


imagine the following simpler configuration

Hub  | Linux
+----- eth0 192.168.1.1/24
|   |
+----- eth1 192.168.1.2/24
    |





_______________________________________________
LARTC mailing list / LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
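
The two-way translation described in the reply above, written out as an added example (not part of the original message or of any LARTC project code). It assumes fake 192.168.3.1 stands for eth0's 192.168.1.1, fake 192.168.4.2 stands for eth1 re-addressed to 192.168.2.2, and the translating box holds 192.168.1.3 and 192.168.2.3; none of these pairings are stated in the thread. It prints the commands unless APPLY=1 is set.

```shell
#!/bin/sh
# Added example. Dry-run by default; run as root with APPLY=1 to execute.
# Assumed (not from the thread): which fake address maps to which real one,
# and the translating box's second address 192.168.2.3.
REAL_A=192.168.1.1; FAKE_A=192.168.3.1   # eth0 on the Linux host
REAL_B=192.168.2.2; FAKE_B=192.168.4.2   # eth1 on the Linux host
NAT_A=192.168.1.3;  NAT_B=192.168.2.3    # translating box, one leg per subnet

run() {
    if [ "${APPLY:-0}" = 1 ]; then "$@"; else echo "$*"; fi
}

# One direction: a packet from real $1 to fake $3 leaves the box as
# fake $4 -> real $2. Replies are reversed by connection tracking.
translate() { # src_real dst_real dst_fake src_fake
    run iptables -t nat -A PREROUTING -s "$1" -d "$3" -j DNAT --to-destination "$2"
    run iptables -t nat -A POSTROUTING -s "$1" -d "$2" -j SNAT --to-source "$4"
}

# On the translating box: forward, and rewrite both src and dst each way.
nat_box_rules() {
    run sysctl -w net.ipv4.ip_forward=1
    translate "$REAL_A" "$REAL_B" "$FAKE_B" "$FAKE_A"
    translate "$REAL_B" "$REAL_A" "$FAKE_A" "$FAKE_B"
}

# On the two-interface host: the fake subnets are not in the local table,
# so these routes push the packets out onto the wire via the box.
host_routes() {
    run ip route add "${FAKE_B%.*}.0/24" via "$NAT_A" dev eth0
    run ip route add "${FAKE_A%.*}.0/24" via "$NAT_B" dev eth1
}

case "${1:-}" in
    nat)  nat_box_rules ;;
    host) host_routes ;;
esac
```

With this in place the host pings 192.168.4.2 rather than 192.168.2.2, so the destination never matches an entry in the local table.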
